Yokogawa WideField3 (ICSA-20-273-02) – Product Used in the Energy Sector

CISA has published an advisory on a buffer copy without checking size of input vulnerability in Yokogawa WideField3. WideField3 R1.01 – R4.-3 are affected. Successful exploitation of this vulnerability could terminate the program abnormally. Yokogawa has prepared revision R4.04 to address this vulnerability and recommends that users switch to this revision. CISA also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.